SOCIAL SECURITY
MEMORANDUM

Date:      September 4, 2007
Refer To:

To:        The Commissioner

From:      Inspector General

Subject:   Controls Over Employee Verification Programs (A-03-06-15036)

The attached final report presents the results of our audit. Our objectives were to
assess the controls over each employee verification program and identify best
practices.

Please provide within 60 days a corrective action plan that addresses each
recommendation. If you wish to discuss the final report, please call me or have your
staff contact Steven L. Schaeffer, Assistant Inspector General for Audit, at
(410) 965-9700.

Patrick P. O’Carroll, Jr.

Attachment

OFFICE OF THE INSPECTOR GENERAL
SOCIAL SECURITY ADMINISTRATION

CONTROLS OVER EMPLOYEE VERIFICATION PROGRAMS

September 2007   A-03-06-15036

AUDIT REPORT

Mission

By conducting independent and objective audits, evaluations and investigations,
we inspire public confidence in the integrity and security of SSA’s programs and
operations and protect them against fraud, waste and abuse. We provide timely,
useful and reliable information and advice to Administration officials, Congress
and the public.

Authority

The Inspector General Act created independent audit and investigative units,
called the Office of Inspector General (OIG). The mission of the OIG, as spelled
out in the Act, is to:

  • Conduct and supervise independent and objective audits and
    investigations relating to agency programs and operations.
  • Promote economy, effectiveness, and efficiency within the agency.
  • Prevent and detect fraud, waste, and abuse in agency programs and
    operations.
  • Review and make recommendations regarding existing and proposed
    legislation and regulations relating to agency programs and operations.
  • Keep the agency head and the Congress fully and currently informed of
    problems in agency programs and operations.

To ensure objectivity, the IG Act empowers the IG with:

  • Independence to determine what reviews to perform.
  • Access to all information necessary for the reviews.
  • Authority to publish findings and recommendations based on the reviews.

Vision

We strive for continual improvement in SSA’s programs, operations and
management by proactively seeking new ways to prevent and deter fraud, waste
and abuse.
We commit to integrity and excellence by supporting an environment
that provides a valuable public service while encouraging employee development
and retention and fostering diversity and innovation.

Executive Summary

OBJECTIVE

Our objectives were to assess the controls over each employee verification program
and identify best practices.

BACKGROUND

To assist employers with accurate wage reporting, the Social Security Administration
(SSA) has implemented several voluntary verification programs that allow employers to
verify that the names and Social Security numbers (SSN) of existing and newly-hired
employees match the Agency’s records prior to submitting their wage reports to SSA.
These verification programs include the Employee Verification Service (EVS)
Telephone/Fax, EVS for Registered Users, and the Social Security Number Verification
Service (SSNVS).

SSA also participates in a joint initiative with the Department of Homeland Security
(DHS), the Employment Eligibility Verification System (EEVS), 1 formerly known as the
Basic Pilot. 2 EEVS assists employers in verifying the employment eligibility of
newly-hired employees. Participating employers register on-line with DHS to use the
voluntary system. The information the employer submits to DHS is sent to SSA to verify
the name, SSN, and date of birth (DoB) match SSA’s records. SSA also provides DHS with
U.S. citizenship information, as recorded in SSA records. When SSA records indicate
U.S. citizenship and the employee has alleged U.S. citizenship, employment
authorization is confirmed. DHS confirms the current employment-authorization for
non-citizens. 3

1 EEVS is also referred to as E-Verify.
2 Section 401 of The Illegal Immigration Reform and Immigrant Responsibility Act of 1996
  (8 U.S.C. § 1324a), Pub. Law No. 104-208. See Appendix E for more details about EEVS.
3 Basic Pilot (BP) and Designated Agent Basic Pilot (DABP) User Manual, DHS, April 2004.

Controls Over Employee Verification Programs (A-03-06-15036)

RESULTS OF REVIEW

We found SSA could establish more effective controls over access to EVS
Telephone/Fax and EVS for Registered Users. In addition, access controls over DHS’
EEVS could be improved. For example, none of these verification programs required
verification of a user’s identity or authorization to use the verification programs on behalf
of his/her employer. Only SSA’s SSNVS had adequate access controls. In addition, we
learned the feedback responses provided to employers were not consistent among the
verification programs for (1) name and SSN matches, (2) death indicator responses,
(3) corrected SSNs, and/or (4) work authorization status. For instance, an employer
could submit the same name and SSN for verification and the data could be verified
under the DHS’ EEVS but fail verification under SSNVS. Finally, we found that both
EVS programs and DHS’ EEVS lack effective controls related to monitoring employers’
usage of the programs and/or blocking unauthorized and inactive users from gaining
access to the verification programs.
Due to the vulnerabilities and inconsistencies we
found among the verification programs, SSA’s data could be susceptible to
unauthorized access as well as inadvertent disclosure of personally identifiable
information (PII) to unauthorized users.

                                        EVS Telephone/Fax       EVS
Description of Controls                 ERSC (1)  Teleservice   Registered   SSNVS   EEVS
                                                  Center        Users

Access Controls
Verifies user’s identity                No        No            No           Yes     No
Validates user’s authority to use the
program on behalf of his/her employer   No        No            No           Yes     No

Verification Feedback
Uses name matching software             N/A       N/A           No           No      Yes
Provides a death indicator response     No        Yes (2)       Yes          Yes     Yes (2)
Verifies information without providing
corrected SSN                           N/A       N/A           No           Yes     Yes
Verifies work authorization status      No        Yes (3)       No           No      Yes

Monitoring Controls
Monitors employers’ usage               No        No            No           Yes     No (4)
Blocks unauthorized use                 Yes (5)   No            No           Yes     No
Deactivates inactive users              N/A       N/A           No           Yes     No

Note 1: Within SSA, two components are primarily responsible for conducting the verifications by
telephone—Teleservice Centers and the Employer Reporting Service Center (ERSC). 4
Note 2: While the program did not specifically note that the Agency’s records showed a death, the
program would not verify any data related to an individual shown as deceased in the Agency’s records.
Note 3: While the program did not specifically note that the Agency’s records showed the individual was
unauthorized to work, the program would not verify any record related to an individual recorded as
unauthorized to work in the Agency’s records.
Note 4: DHS is developing this capacity.
Note 5: Although the ERSC cannot block incoming telephone calls, it maintains a list of problem
employers on a “Do Not Verify” list to restrict further verification.

4 While we are using the term Teleservice Centers in our review, SSA field offices also are responsible for
  verifications and are expected to follow the same policy guidance.

CONCLUSION AND RECOMMENDATIONS

We believe that providing employers with tools to verify the names/SSNs of their
employees is crucial for accurate wage reporting. DHS’ EEVS also helps ensure
compliance with immigration laws by providing information on employees’ work
authorization. However, both SSA and DHS need to make certain that adequate
security measures are in place to prevent and detect unauthorized or inappropriate
access to the verification programs and SSA data.
Furthermore, the two agencies need
to ensure feedback responses provided to users of the verification programs are
consistent to avoid skepticism about these programs and data and to prevent
inadvertent disclosure of PII to unauthorized users.

To address the findings in this report, we recommend SSA:

   1. Consider combining the EVS Telephone/Fax and EVS for Registered Users
      under SSNVS to ensure access and monitoring controls are in place to protect
      the program, safeguard data, prevent unauthorized access, and provide
      consistent information to employers.

   2. Ensure that feedback responses provided to employers for the four verification
      programs are consistent as they relate to (a) name/SSN matches and (b) death
      indicator responses.

If the Agency determines that it is not feasible to combine its employee verifications under
the SSNVS umbrella, we have made a series of recommendations on what the Agency
should do:

   3. Implement procedures to verify the identity and authority for individuals to use
      EVS Telephone/Fax and EVS for Registered Users to ensure proper disclosure
      of verification data.

   4. Discontinue the disclosure of corrected SSNs via the paper process under EVS
      for Registered Users.

   5. Consider modifying all verification programs to detect SSNs for individuals in
      non-work status, provide employers with notification, and instruct employers to
      have their employees visit a field office to update the employee’s record.

   6. Establish monitoring controls for EVS Telephone/Fax and EVS for Registered
      Users that are consistent with SSNVS to detect potential misuse of the verification
      programs.

   7. Develop procedures to block unauthorized users from gaining access to SSA’s
      verification programs. Ensure that unauthorized user information is shared
      among the verification programs to prevent further access to SSA data.

   8. Establish a protocol to remove inactive users from the list of valid users for EVS
      for Registered Users until their identity and authorization to use the verification
      program has been verified and updated.

AGENCY COMMENTS

SSA agreed with all but one of our recommendations. In response to Recommendation
5, SSA stated that it believed that work authorization was DHS’ responsibility and
should be handled through DHS’ EEVS process. Further, the Agency stated that
although current disclosure policy would allow work authorization information to be
provided to employers based on their wage reporting responsibilities, this information
may not be current in SSA’s Numident records. See Appendix F for the full text of
SSA’s comments.

OIG RESPONSE

In terms of Recommendation 5, we believe SSA should reconsider this recommendation
because the Agency has a significant role in the workplace by (1) issuing Social
Security cards with work authorization designations to assist employers when they hire
new employees and (2) assisting DHS with EEVS to verify the identity and work
authorization of new employees.

Since SSA’s employee verification programs are more comprehensive than EEVS in
that SSA verifies the identity of new and existing employees (i.e., SSNVS), we believe
SSA is in a good position to assist with work authorization as well.
Even if SSA’s
Numident records are out of date, two positive outcomes are possible if SSA verifies an
employee’s work authorization: (1) unauthorized workers are identified or (2) the
employee’s information is updated in SSA’s records.

Currently, non-citizens with outdated information in SSA’s systems are most likely
unaware that their information is being reported to DHS as part of SSA’s legal
requirement to share such data with DHS for worksite enforcement. Moreover, these
non-citizens will not be eligible for SSA benefits until their work authorization information
has been corrected.

In terms of workloads, even if work authorization notifications to employers lead to
additional workloads in the short-term, we believe this data-sharing will (1) improve the
accuracy and integrity of SSA records and (2) reduce the number of nonwork SSNs
shared with DHS in subsequent years, allowing DHS to better focus its resources. In
addition, the earlier notifications could lessen field office workloads by reducing the
number of “SSA tentative non-confirmations” under EEVS and eliminating the need for
staff to verify the existence of a work-authorized SSN for non-citizens applying for SSA
benefits.

Table of Contents

INTRODUCTION

RESULTS OF REVIEW

Access Controls
    • Verification of User’s Identity
    • Validation of User’s Authorization to Represent Employer

Verification Feedback
    • Name Matching Software
    • Death Information
    • Corrected SSNs
    • Verifying Work Authorization Status

Monitoring Controls
    • Monitoring Usage
    • Blocking Unauthorized or Inactive Users

CONCLUSIONS AND RECOMMENDATIONS

APPENDICES

APPENDIX A – Acronyms
APPENDIX B – Scope and Methodology
APPENDIX C – Employee Verification Service
APPENDIX D – Social Security Number Verification Service
APPENDIX E – Employee Eligibility Verification System
APPENDIX F – Agency Comments
APPENDIX G – OIG Contacts and Staff Acknowledgments

Introduction

OBJECTIVE

Our objectives were to assess the controls over each employee verification program
and identify best practices.

BACKGROUND

To assist employers with accurate wage reporting, the Social Security Administration
(SSA) has implemented several voluntary verification programs that allow employers to
verify that the names and Social Security numbers (SSN) of existing and newly-hired
employees match the Agency’s records prior to submitting their wage reports to SSA.
These verification programs include the Employee Verification Service (EVS)
Telephone/Fax, EVS for Registered Users, and the Social Security Number Verification
Service (SSNVS).

    • EVS Telephone/Fax is a voluntary program where employers can verify up to 5
      employees’ names/SSNs by calling SSA’s toll-free numbers and up to 50
      names/SSNs by submitting paper listings to SSA offices. 1

    • EVS for Registered Users is a voluntary electronic verification program
      established in the early 1980s. Under this program, employers can verify 51 or
      more employees’ names/SSNs by submitting paper or magnetic media listings
      (tape, cartridge, compact disk, or diskette). 2

    • SSNVS is a voluntary on-line program that allows employers to validate the
      names/SSNs of employees. 3 Established in 2002 as a pilot restricted to a
      limited number of employers, the program was rolled out to all employers in June
      2005.

      For SSNVS, employers can either verify up to 10 names/SSNs (per screen)
      on-line, and receive immediate results, or upload batch files of up to 250,000
      names/SSNs and usually receive results the next Government business day.

1 Within SSA, two components are primarily responsible for conducting the verifications by telephone—
  Teleservice Centers and the Employer Reporting Service Center (ERSC). Staff in the Teleservice
  Centers provide a full range of assistance to beneficiaries and inquirers (including employers) by
  telephone and/or by correspondence regarding all programs administered by SSA. Staff in the ERSC
  assist employers with wage reporting questions or problems. While we are using the term Teleservice
  Centers in our review, SSA field offices also are responsible for verifications and are expected to follow
  the same policy guidance.
2 Starting in October 2007 SSA will no longer process magnetic media (i.e., tapes, cartridges, compact
  disk, or diskettes) for SSN verification using EVS for Registered Users. Employers that prefer to submit
  requests electronically will be required to use SSNVS. SSA will continue to accept paper requests under
  EVS for Registered Users. The paper requests are processed by SSA’s Wilkes Barre Data Operations
  Center (WBDOC). See Appendix C for more details about the EVS program.
3 SSNVS is one of the programs offered by SSA’s Business Service Online (BSO). BSO is a suite of
  Internet programs for businesses and employers to exchange information with SSA. See Appendix D for
  more details about SSNVS.

SSA also participates in a joint initiative with the Department of Homeland Security
(DHS), the Employment Eligibility Verification System (EEVS), 4 formerly known as the
Basic Pilot. 5 EEVS assists employers in verifying the employment eligibility of
newly-hired employees. Participating employers register on-line with DHS to use the
voluntary system. The information the employer submits to DHS is sent to SSA to verify
the name, SSN, and date of birth (DoB) match SSA’s records. SSA also provides DHS with
U.S. citizenship information, as recorded in SSA records. When SSA records indicate
U.S. citizenship and the employee has alleged U.S. citizenship, employment
authorization is confirmed. DHS confirms the current employment-authorization for
non-citizens. 6

A comparison of the four verification programs is shown in the following table.

Table 1: Comparison of Verification Programs

                                      EVS                EVS
Characteristics                       Telephone/Fax      Registered Users  SSNVS            EEVS
Date Established                      1983               1983              2002             1997
Registered employers as of 2006 (1)   Not available (2)  16,600            13,400           12,000
Verifications as of 2006 (3)          Not available (2)  31.5 million      49 million       1.7 million
Type of Employees Verified            All Employees      All Employees     All Employees    Newly-Hired
Purpose of Verification Program       Ensure Accurate    Ensure Accurate   Ensure Accurate  Verify Work
                                      Wage Reporting     Wage Reporting    Wage Reporting   Authorization

Note 1: Employers can have multiple users registered to use the verification programs on their behalf.
Note 2: This data was unavailable because SSA does not capture employer and verification data for the
EVS Telephone/Fax service.
Note 3: The verification data for the programs covered two different periods since SSA captures EVS and
SSNVS data by Calendar Year (CY) and DHS captures the EEVS data by Fiscal Year.

4 EEVS is also referred to as E-Verify.
5 Section 401 of The Illegal Immigration Reform and Immigrant Responsibility Act of 1996
  (8 U.S.C. § 1324a), Pub. Law No. 104-208. See Appendix E for more details about EEVS.
6 Basic Pilot (BP) and Designated Agent Basic Pilot (DABP) User Manual, DHS, April 2004.

Results of Review

We found SSA could establish more effective controls over access to EVS
Telephone/Fax and EVS for Registered Users. In addition, access controls over DHS’
EEVS could be improved. For example, none of these verification programs required
verification of a user’s identity or authorization to use the verification programs on behalf
of his/her employer. Only SSA’s SSNVS had adequate access controls. In addition, we
learned the feedback responses provided to employers were not consistent among the
verification programs for (1) name and SSN matches, (2) death indicator responses,
(3) corrected SSNs, and/or (4) work authorization status. For instance, an employer
could submit the same name and SSN for verification and the data could be verified
under the DHS’ EEVS but fail verification under SSNVS. Finally, we found that both
EVS programs and DHS’ EEVS lack effective controls related to monitoring employers’
usage of the programs and/or blocking unauthorized and inactive users from gaining
access to the verification programs. Due to the vulnerabilities and inconsistencies we
found among the verification programs, SSA’s data could be susceptible to
unauthorized access as well as inadvertent disclosure of personally identifiable
information (PII) to unauthorized users.

ACCESS CONTROLS

Although our review found that SSA had established controls over access to SSNVS,
we found access controls for EVS Telephone/Fax, EVS for Registered Users, and DHS’
EEVS needed to be improved.
As illustrated in Table 2, our review found these three
programs granted users access without verifying the users’ identity or authority to use
the verification programs.

Table 2: Access Controls

                                        EVS Telephone/Fax       EVS
Description of Controls                 ERSC      Teleservice   Registered   SSNVS   EEVS
                                                  Center        Users
Verifies user’s identity                No        No            No           Yes     No
Validates user’s authority to use the
program on behalf of his/her employer   No        No            No           Yes     No

Verification of User’s Identity

As we reported in our September 2006 congressional audit report, 7 the SSNVS program
had a mechanism in place to verify a user’s identity prior to providing them access to
the verification program. SSA authenticates the user’s identity by verifying his or her
name, SSN, and DoB against SSA’s Numident file. However, we found users of EVS
Telephone/Fax, EVS for Registered Users, and EEVS were allowed access to these
programs and SSA data without obtaining and/or verifying their identities. Both EVS for
Registered Users and EEVS did not require users to provide their SSNs or DoBs during
the application process for authentication. 8 Moreover, EVS Telephone/Fax did not
require users to provide any identifying information (i.e., name, SSN, or DoB) prior to
gaining access to SSA data. 9

7 SSA Office of the Inspector General (OIG), Congressional Response Report: Monitoring the Use of
  Employee Verification Programs (A-03-06-36122), September 2006.

According to SSA staff, the EVS programs were established many years ago to facilitate
easy and accurate wage reporting for employers. Therefore, a user authentication step
was not built into these older services. As for EEVS, as we noted in our prior audit
report, 10 DHS staff would need to work with SSA and/or the IRS to obtain access to
earnings records and Numident information to implement controls to verify a user’s
identity. 11

Validation of User’s Authorization to Represent Employer

We found that as part of the SSNVS application process, SSA verified whether users
had authorization from employers to use the verification program. However, this
procedure or something similar was not performed for the remaining three verification
programs. Under SSNVS, SSA verified the user’s authorization by (1) searching the
Master Earnings File (MEF) 12 to determine whether wages were posted under the
employer’s Employer Identification Number (EIN) 13 and (2) sending a letter to the
employer notifying it that their employee had requested access to SSNVS on their
behalf. To ensure the employer was aware which employee requested access to
SSNVS on their behalf, SSA sent the letter to the employer’s address shown in the
Employer Identification File (EIF) 14 and not the address provided by the user during the
application process.
SSA did not require authenticating users’ authorization to use the
two EVS programs because, as stated earlier, these older employer verification
programs were established to facilitate easy and accurate wage reporting for
employers. DHS was unable to perform the same level of verification for EEVS
because it did not have access to earnings records such as the MEF or EIF. DHS staff
noted they would need to work with SSA and/or the IRS to obtain access to earnings
records to perform a similar verification. 15

8 See Appendices C and E for details on the application requirements for EVS for Registered Users and
  EEVS.
9 SSA Teleservice Center Operating Guide (TSCOG), TC 31001.090—Request To Verify SSN or Work
  Authorization and Program Operations Manual System (POMS) ER 00301.010—Telephone Calls.
10 SSA OIG, Congressional Response Report: Monitoring the Use of Employee Verification Programs
   (A-03-06-36122), September 2006.
11 It is possible that a statutory change would be required to allow DHS access to earnings records for this
   purpose.
12 The MEF contains all earnings data reported by employers and self-employed individuals. The data is
   used to determine eligibility for and the amount of Social Security benefits.
13 The EIN is a 9-digit number assigned by the Internal Revenue Service (IRS) to sole proprietors,
   corporations, partnerships, estates, trusts, and other entities for tax reporting purposes.
14 The EIF is an IRS file that contains the EIN of a business and the employer’s name and address
   associated with each EIN.

We believe both agencies need to establish procedures to verify whether users have
authorization to use the verification programs to decrease the risk that users may be
accessing the verification programs for non-employment purposes.
For example, a user
could misuse EVS for Registered Users to verify the identity of an individual who is not
an employee of the company and avoid paying SSA a fee for a non-program related
verification. 16

VERIFICATION FEEDBACK

Our review determined that feedback responses provided to employers were not always
consistent among the programs for (1) name and SSN matches, (2) death indicator
responses, (3) corrected SSNs, and (4) work authorization status (see Table 3). For
example, an employer could submit the same name and SSN for verification and the
data could be verified under EEVS but fail verification under SSNVS. The inconsistent
response would occur because SSA used an additional name matching routine as part
of the EEVS validation process.

Table 3: Verification Feedback

                                        EVS Telephone/Fax       EVS
Description of Feedback                 ERSC      Teleservice   Registered   SSNVS   EEVS
                                                  Center        Users
Uses name matching software             N/A       N/A           No           No      Yes
Provides a death indicator response     No        Yes (1)       Yes          Yes     Yes (1)
Verifies information without providing
corrected SSN                           N/A       N/A           No           Yes     Yes
Verifies work authorization status      No        Yes (2)       No           No      Yes

Note 1: While the program did not specifically note that the Agency’s records showed a death, the
program will not verify any data related to an individual shown as deceased in the Agency’s records.
Note 2: While the program did not specifically note that the Agency’s records showed the individual
was unauthorized to work, the program would not verify any record related to an individual recorded as
unauthorized to work in the Agency’s records.

15 Again, a statutory change might be required to allow DHS access to earnings information.
16 Companies that have a need to verify SSNs for non-employment purposes must obtain valid consent
   from the numberholder and pay a fee to SSA. SSA charges these companies $46 for verification of the
   first SSN and $20 for each additional SSN. SSA POMS, GN 03311.007—A Standard Fee for
   Non-Program SSN Verifications for Third Parties with Consent.

Name Matching Software

We found that the SSA and DHS programs were using different name matching routines
for the electronic verification programs, which could result in inconsistent responses to
employers. DHS’ EEVS used a name matching software package 17 as part of the
validation that was not being used as part of EVS for Registered Users or SSNVS.
When we compared feedback from EEVS and SSNVS, we found instances where
employers could receive inconsistent feedback responses for the same data submitted.
For example, we reviewed a case where an employer used EEVS to verify the name,
SSN, and work authorization of a newly-hired employee and received a positive
verification response. At the end of the year, this employer submitted its entire payroll
for verification to SSNVS, which is encouraged by SSA, and the employee’s name/SSN
failed verification. The employer was perplexed as to why the same data did not verify
under both programs.
Based on our review of the two responses, we found that the
employer provided a correct name and the positive verification response provided under
EEVS was valid.

According to SSA staff, the Agency used the commercial software package to increase
the number of positive verification responses provided under EEVS. SSA decided not
to use the software package for EVS and SSNVS because it wanted to have a more
stringent name/SSN verification routine to help ensure accurate wage reporting. SSA
staff were unable to provide any data on the reliability of the name-matching software.
We believe the verification responses should be consistent among the verification
programs to avoid providing employers with false positive or false negative verification
responses.

Death Information

Although we found all four verification programs detected death information during the
verification process, the responses provided to employers differed among the programs.
For SSNVS and EVS for Registered Users, SSA notified employers that the name/SSN
combination had been verified but SSA’s records indicated that the individual was
deceased. EVS Telephone/Fax and EEVS did not disclose whether individuals were
deceased. Under EVS Telephone/Fax, the response provided when a date of death
was present on the numberholder’s record varied depending on which component within
SSA conducted the verification. If staff in the ERSC conducted the verification,
employers were told the name/SSN combination matched SSA records and the date of
death was ignored.[18] However, if staff in the Teleservice Centers conducted the
verification, employers were instructed to ask their employee to contact SSA to verify
their SSN or to correct identifying information on SSA’s records.[19] Under EEVS,
employers were provided a SSA tentative non-confirmation response that stated the
SSN did not match SSA records.

[17] SSA used name matching tolerances for all three electronic verification programs (EVS for Registered
Users, SSNVS and EEVS) when the Agency could not match the name and SSN information supplied by
the employer with data in its records. If a match was not found for EEVS, then SSA used the name
matching software to verify the submitted name. The software performs various checks including
(1) removing extraneous characters (e.g. extra spaces, periods, commas, hyphens, apostrophes, other
punctuation); (2) replacing nicknames with proper names (e.g. "BETH" is replaced with "ELIZABETH");
and (3) joining "recognized" prefixes to the main word (e.g. "MC DONALD" becomes "MCDONALD").
[18] SSA POMS, ER 00301.010—Telephone Calls.

SSA was required by the Intelligence Reform and Terrorism Prevention Act of 2004 to
add death indicators to the SSN verification systems used by employers.[20] To ensure
the Agency has fully complied with this law, SSA needs to make every effort to provide
employers using the EVS Telephone/Fax service with a death indicator consistent with
the other verification programs. Failure to do so could cause unintended
consequences, such as an employer relying on SSA’s positive verification response for
an individual who is actually deceased and unknowingly hiring someone who may have
misused a deceased person’s identity.

Corrected SSNs

Our review found EVS for Registered Users was the only electronic verification program
that disclosed the corrected SSN to employers if the submitted SSN was incorrect. This
correction process, called Single Select, was designed to resolve situations when the
SSN did not verify because of transcription or keying errors where one digit was
transposed with another or one number was simply incorrect.[21] In a September 2003
report, SSA’s Enumeration Response Team stated that the value of Single Select was
that it increased the verification rate of EVS for Registered Users by about 2 percent.[22]

In the same report, the Enumeration Response Team acknowledged that SSA’s policy
to use Single Select was inconsistent among its verification programs for employers.
When SSNVS and EEVS were implemented, SSA decided not to use Single Select
because of the Agency’s apprehension about disclosing SSNs to the public. The disclosure
of corrected SSNs should be significantly reduced in FY 2008 since SSA will no longer
accept verification requests submitted by magnetic media for EVS for Registered Users.
However, at the time of our review, the Agency had no plans to discontinue the
disclosure of corrected SSNs via Single Select for verification requests submitted by
paper to the WBDOC.[23] We believe the Agency should discontinue the disclosure of
corrected SSNs to ensure they are consistent with respect to the type of information
provided to employers through its verification programs.

[19] SSA TSCOG, TC 31001.090—Request To Verify SSN or Work Authorization.
[20] Public Law 108–458 § 7213, 42 U.S.C. § 405 note.
[21] If the SSN verification process does not verify the number as input, Single Select looks at 89 similar
SSNs. It then does a name and DoB search on each of those 89 SSNs and verifies if the data matches.
The DoB is an optional reporting field under EVS for Registered Users.
[22] SSN Verification: Policy Process, and Recommendations, A Report of the SSN Verification Sub-Team
to the Enumeration Response Team, SSA, September 2003.
[23] The WBDOC processes EVS paper verification requests of 51 or more.
In CY 2006, WBDOC
processed about 339,000 verifications that were submitted by paper.

Verifying Work Authorization Status

DHS’ EEVS program notified employers about the work authorization status of newly-
hired employees, which is the overall goal of the program. However, we found that
SSA’s verification response varied based upon the service being used by the employer.
For SSNVS and EVS for Registered Users, SSA would verify an individual’s name/SSN
combination even if the individual’s record showed he/she was not eligible to work in the
United States. Moreover, the feedback responses for work eligibility under EVS
Telephone/Fax differed depending on which component conducted the verification. If
the ERSC conducted the verification, then the employer was notified that the name/SSN
combination had been verified and the work status was ignored.[24] However, if the
Teleservice Center conducted the verification, and SSA’s records showed an individual
was not authorized to work, the information was not verified, and the employer was
instructed to have their employee visit a local field office.[25]

In our September 2002 report,[26] we recommended SSA modify its EVS program to
detect SSNs for individuals in non-work status, provide appropriate notification to
employers, and issue an alert for necessary action by SSA staff. The Agency decided
not to implement the recommendation because (1) it did not believe the immigration/
citizenship status for non-citizens was reliable and (2) only DHS could determine the
current work authorization status for non-citizens. Prior audit work has confirmed that
SSA’s information can be out-of-date if the SSN owner fails to notify the Agency of a
change in their immigration status.
For instance, in our June 2006 audit,[27] we noted
that based on our review of a sample of 275 noncitizens who worked under non-work
SSNs in Tax Year (TY) 2003, it appeared 101 (37 percent) had work authorization.
However, SSA’s records had not been updated to reflect a change in these individuals’
work status.

To update SSA records, non-citizens must visit a local field office to provide evidence of
their current citizenship/work authorization status. In the case of employee verification,
an employer’s inability to obtain positive verification due to out-of-date information may
lead to a small delay in the verification process, but it would lead to a correction of
SSA’s records and may eventually benefit the employee at a later date.[28] We still
believe SSA should modify its verification programs to detect SSNs for individuals in
non-work status and then instruct employers to have their employees visit a field office
to update the employee’s record.[29]

[24] SSA POMS, ER 00301.010—Telephone Calls.
[25] SSA TSCOG, TC 31001.090—Request to Verify SSN or Work Authorization.
[26] SSA OIG, The Social Security Administration's Employee Verification Service for Registered Employers
(A-03-02-22008), September 2002.
[27] SSA OIG, Employers with the Most Wage Items in the Nonwork Alien File (A-08-05-15138), June 2006.

MONITORING CONTROLS

We found that both EVS programs and DHS’ EEVS lack effective controls related to
monitoring employers’ usage of the programs and/or blocking unauthorized and inactive
users from gaining access to the verification programs (see Table 4).
In contrast,
SSNVS had adequate controls in place to detect unauthorized users and anomalies in
their usage of the verification program.

Table 4: Monitoring Controls

                                                      EVS Telephone/Fax           EVS
                                                                    Teleservice   Registered
Description of Control                                ERSC          Center        Users        SSNVS   EEVS
----------------------------------------------------  ------------  ------------  -----------  ------  -----------
Monitors employers’ usage                             No            No            No           Yes     No (Note 1)
Blocks unauthorized use                               Yes (Note 2)  No            No           Yes     No
Deactivates inactive users                            N/A           N/A           No           Yes     No

Note 1: DHS is developing this capacity.
Note 2: Although the ERSC cannot block incoming telephone calls, it maintains a list of problem
employers on a “Do Not Verify” list to restrict further verification.

[28] In March 2004, Congress placed new restrictions on the receipt of SSA benefits by noncitizens who are
not authorized to work in the United States. Under Section 211 of the Social Security Protection Act of
2004, Pub. L. No.
108-203, a non-citizen whose SSN was originally assigned on or after January 1, 2004,
must meet one of the following additional requirements to be entitled to Title II and Medicare benefits
based on the non-citizen’s earnings: (1) the alien worker must have been issued a SSN for work
purposes on or after January 1, 2004 or (2) the alien worker must have been admitted to the United
States as a nonimmigrant visitor for business or as an alien crewman under specified provisions of the
Immigration and Nationality Act.
[29] SSA already discloses on the face of non-work Social Security cards that the SSN is “Not Valid for
Employment.” Any verification feedback relating to this legend would only be reminding employers of
information already released by SSA.

Monitoring Usage

The SSNVS process (1) identifies users who improperly search for valid name/SSN
combinations[30] and (2) verifies whether the employee names and SSNs submitted for
verification relate to wages recorded in SSA’s MEF.[31] Furthermore, DHS was in the
process of implementing new monitoring controls for EEVS. The Deputy Director for
U.S. Citizenship and Immigration Service (USCIS) stated in an April 2007 hearing
before the Subcommittee on Immigration, Citizenship, Refugees, Border Security and
International Law of the Committee on the Judiciary, House of Representatives, 110th
Congress,[32] that USCIS was establishing a monitoring and compliance unit to help
detect unauthorized employment, to prevent verification-related discrimination or
employer misuse of the program, and to detect identity and document fraud.
The unit
would be responsible for monitoring the employers’ use of the system and conducting
trend analysis to detect potential fraud and discrimination.

Through discussions with SSA staff, we found SSA did not have a system in place to
monitor employers’ usage of the two EVS verification programs to detect anomalies or
inappropriate use of the programs. The Agency was not generating management
information reports to identify employers who may have been improperly verifying
names and SSNs or tracking usage trends among employers.

In addition, we found none of the verification programs were monitoring whether
multiple employers were verifying the same SSN. Moreover, we found that none of the
verification programs could detect the misuse of a valid name/SSN combination (e.g.
identity theft).[33] At a congressional hearing on July 25, 2006, the Associate Director of
USCIS noted that this was a problem for the EEVS program.[34] Specifically, she stated
the following:

        The current Basic Pilot is not fraud proof and was not designed to
        detect identity fraud. In fact, a recent analysis of Basic Pilot systems
        data found multiple uses of certain I-94 numbers, A-numbers, and
        SSNs in patterns that could suggest fraud…Findings concerning
        potential fraud (e.g., SSNs being run multiple times in improbable
        patterns, employers not indicating what action they took after receiving
        a final nonconfirmation) will be referred to ICE Worksite Enforcement
        investigators.

[30] SSA was using two types of reports to assist in detecting improper searching for valid names/SSNs
during the data submission process. The Same Name/Different SSN report identified if a single user
attempted to verify more than 50 combinations for the same name but different SSN, whereas the Same
SSN/Different Name report identified a single user who attempted to verify more than 50 combinations for
the same SSN but different name. These reports captured data from both on-line and batch verification
attempts and were produced on a weekly basis.
[31] SSA developed an SSNVS Failed MEF Check report to highlight all PINs, EINs, and SSNs for which
the MEF did not contain wages related to the employees submitted for verification.
[32] Oversight Hearing on Problems in the Current Employment Verification and Worksite Enforcement
System, Prepared testimony of Jonathan R. Scharfen, Deputy Director U.S. Citizenship and Immigration
Service, Department of Homeland Security, April 24, 2007.
[33] At least one employer has cited identity theft and the inability to detect trends in the data as a problem.
In testimony April 24, 2007, before the Subcommittee on Immigration, Citizenship, Refugees, Border
Security and International Law of the Committee of the Judiciary, House of Representatives, 110th
Congress, the Senior Vice President of a meat processing firm stated “As currently structured, the Basic
Pilot does not detect duplicate active records in its database. The same Social Security number could be
in use at another employer, and potentially multiple employers, across the country.” In the case of the
employer who was using EEVS, the Government raided six production facilities in December 2006 and
detained 1,282 employees, some of whom may have been committing some forms of identity theft.
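The two weekly reports described in footnote 30, together with the cross-employer view this section says none of the programs had, as an added Python example (not SSA or DHS code). The record layout, field names, and every sample PIN, EIN, name and SSN are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import date

THRESHOLD = 50  # footnote 30: flag "more than 50 combinations"


def _norm(field, value):
    """Canonicalise a field so formatting differences do not hide repeats."""
    if field == "ssn":
        return re.sub(r"\D", "", value)            # keep digits only
    if field == "name":
        return " ".join(value.upper().split())     # fold case and spacing
    return value


def _iso_week(day):
    iso = day.isocalendar()
    return (iso[0], iso[1])                        # (ISO year, ISO week)


def weekly_report(attempts, fixed, varying, threshold=THRESHOLD):
    """Rows (pin, week, fixed value, count) where one user paired the same
    `fixed` value with more than `threshold` distinct `varying` values
    inside one ISO week (the reports were produced weekly)."""
    seen = defaultdict(set)
    for a in attempts:
        key = (a["pin"], _iso_week(a["day"]), _norm(fixed, a[fixed]))
        seen[key].add(_norm(varying, a[varying]))
    return sorted(
        (pin, week, value, len(others))
        for (pin, week, value), others in seen.items()
        if len(others) > threshold
    )


def same_name_different_ssn(attempts, threshold=THRESHOLD):
    return weekly_report(attempts, "name", "ssn", threshold)


def same_ssn_different_name(attempts, threshold=THRESHOLD):
    return weekly_report(attempts, "ssn", "name", threshold)


def ssn_across_employers(attempts, min_employers=2):
    """SSNs submitted under at least `min_employers` distinct EINs."""
    eins = defaultdict(set)
    for a in attempts:
        eins[_norm("ssn", a["ssn"])].add(a["ein"])
    return {s: sorted(e) for s, e in sorted(eins.items())
            if len(e) >= min_employers}


def build_sample():
    """Constructed verification attempts. All values are fake; area number
    000 is never issued as an SSN."""
    day = date(2007, 4, 2)  # a Monday in ISO week 14 of 2007
    rows = []

    def add(pin, ein, name, ssn):
        rows.append({"pin": pin, "ein": ein, "name": name,
                     "ssn": ssn, "day": day})

    for i in range(51):     # 51 SSNs for one name: over the threshold
        name = "Jane  Sample" if i % 2 else "JANE SAMPLE"
        add("PIN-A", "00-0000001", name, f"000-00-{i:04d}")
    for i in range(50):     # exactly 50 is not "more than 50"
        add("PIN-B", "00-0000002", "JOHN SAMPLE", f"000-01-{i:04d}")
    for i in range(51):     # 51 names for one SSN
        add("PIN-C", "00-0000003", f"NAME{i} SAMPLE", "000-02-0000")
    for n in (4, 5, 6):     # one SSN verified by three different employers
        add(f"PIN-{n}", f"00-000000{n}", "ALEX SAMPLE", "000-03-0001")
    return rows


if __name__ == "__main__":
    sample = build_sample()
    for row in same_name_different_ssn(sample):
        print("Same Name/Different SSN:", row)
    for row in same_ssn_different_name(sample):
        print("Same SSN/Different Name:", row)
    for ssn, eins in ssn_across_employers(sample).items():
        print("SSN seen under multiple EINs:", ssn, eins)
```

The per-user reports only see one PIN at a time; the last function is the one that needs attempts pooled across all users and programs.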
[35]

Blocking Unauthorized or Inactive Users

In our review, we found that three of the four verification programs did not have a
mechanism in place to block unauthorized and/or inactive users from gaining access to
the verification programs. If SSA or DHS had determined that a user inappropriately
used EVS for Registered Users or EEVS, the two agencies did not have a system in
place to deactivate the user’s access to the verification programs. Additionally, SSA
and DHS did not have a process in place to prevent inactive users from gaining access
to EVS for Registered Users or EEVS. For example, there were 12 users that were
granted access to this program in the 1980s and none of the users submitted
verification requests within FYs 2002 to 2005. Yet, SSA still considers them as valid
users and anyone could submit verification requests under their PINs. To ensure
appropriate use of its services and data, we believe SSA should consider removing
inactive users from its list of valid users until the Agency has verified their identity and
authorization to use the verification program.[36]

Moreover, although our review found both EVS Telephone/Fax and SSNVS[37] had a
process in place that deactivated users’ access to the verification programs for
inappropriate use, this data was not shared among the verification programs.
Therefore, known program abusers identified under these programs had the ability to
gain access to the other verification programs without the risk of being detected. For
example, the ERSC maintained a log called the “Do Not Verify” list to prevent access by
companies that had misused the EVS Telephone/Fax service. However, ERSC does
not block incoming calls. Instead, SSA staff were expected to review this listing when
they received a call and refuse to verify information for listed employers. Moreover, if a
listed employer called the Teleservice Center later that day to verify information, SSA
staff would have no reason not to provide verification services.

[34] DHS is taking some additional steps to detect identity theft within EEVS. For example, DHS has piloted
a program to enhance the EEVS system by allowing an employer to view the photo associated with the
holder of a “green card” or Employment Authorization Document. When available, the system displays
the photo that DHS has on file for the given card number, allowing the employer to make a visual match
of identical photos.
[35] Is the Federal Government Doing all it Can to Stem the Tide of Illegal Immigration?, Statement of Janis
Sposato, Associate Director, USCIS, DHS, before the Subcommittee on Regulatory Affairs (now the
Subcommittee on Information Policy, Census, and National Archives) of the Committee on Government
Reform (now the Committee on Oversight and Government Reform) House of Representatives, 109th
Congress, July 25, 2006.
[36] In our September 2002 audit, The Social Security Administration’s Employee Verification Service for
Registered Employers (A-03-02-22008), we recommended SSA establish an annual or periodic
reapplication process where EVS registered users are reauthorized to use the service.
[37] In our September 2006 Congressional Response Report: Monitoring the Use of Employee Verification
Programs (A-03-06-36122), we noted how SSA staff had detected and deactivated an employer from
SSNVS for potential misuse. In our further review of this company, we found that while the company
reported 8 Wage and Tax Statements (W-2 Form) during CY 2005, the user submitted approximately
14,000 names/SSNs for verification. We also determined that the user in question was employed by a
company that offered a number of mortgage services on its website, including the processing of IRS
Form 4506, Request for Transcript of Tax Return and SSN verification services. The user also attempted
to verify more names/SSNs using SSA’s telephone service. SSA questioned the user about the number
of verifications and terminated the user’s telephone access. We found that in late 2005 the user obtained
access to EEVS. However, as of August 2006, the user had not submitted any verification requests to
EEVS.

Conclusions and Recommendations

We believe that providing employers with tools to verify the names/SSNs of their
employees is crucial for accurate wage reporting. DHS’ EEVS also helps ensure
compliance with immigration laws by providing information on employees’ work
authorization. However, both SSA and DHS need to make certain that adequate
security measures are in place to prevent and detect unauthorized or inappropriate
access to the verification programs and SSA data.
Furthermore, the two agencies need
to make sure that feedback responses provided to users of the verification programs are
consistent to avoid skepticism about SSA programs and data and to prevent inadvertent
disclosure of PII to unauthorized users.

RECOMMENDATIONS

To address the findings in this report, we recommend SSA:

   1. Consider combining the EVS telephone/fax and EVS for Registered Users under
      SSNVS to ensure access and monitoring controls are in place to protect the
      program, safeguard data, prevent unauthorized access, and provide consistent
      information to employers.

   2. Ensure feedback responses provided to employers for the four verification
      programs are consistent as it relates to (a) name/SSN matches and (b) death
      indicator responses.

If the Agency determines that it is not feasible to combine its employee verifications under
the SSNVS umbrella, we have made a series of additional recommendations:

   3. Implement procedures to verify identity and authority for individuals to use EVS
      Telephone/Fax and EVS for Registered Users to ensure proper disclosure of
      verification data.

   4. Discontinue the disclosure of corrected SSNs via the paper process under EVS
      for Registered Users.

   5. Consider modifying all SSA verification programs to detect SSNs for individuals
      in non-work status, provide employers with notification, and instruct employers to
      have their employees visit a field office to update the employee’s record.

   6. Establish monitoring controls for EVS Telephone/Fax and EVS for Registered
      Users that are consistent with SSNVS to detect potential misuse of the verification
      programs.

   7. Develop procedures to block unauthorized users from gaining access to SSA’s
      verification programs.
      Ensure that unauthorized user information is shared
      among the verification programs to prevent further access to SSA data.

   8. Establish a protocol to remove inactive users from the list of valid users for EVS
      for Registered Users until their identity and authorization to use the verification
      program have been verified and updated.

AGENCY COMMENTS
SSA agreed with all but one of our recommendations. In response to Recommendation
5, SSA stated that it believed that work authorization was DHS’ responsibility and
should be handled through DHS’ EEVS process. Further, the Agency stated that
although current disclosure policy would allow work authorization information to be
provided to employers based on their wage reporting responsibilities, this information
may not be current in SSA’s Numident records. See Appendix F for the full text of
SSA’s comments.

OIG RESPONSE
In terms of Recommendation 5, we believe SSA should reconsider this recommendation
because the Agency has a significant role in the workplace by (1) issuing Social
Security cards with work authorization designations to assist employers when they hire
new employees and (2) assisting DHS with EEVS to verify the identity and work
authorization of new employees.

Since SSA’s employee verification programs are more comprehensive than EEVS in
that SSA verifies the identity of new and existing employees (i.e. SSNVS), we believe
SSA is in a good position to assist with work authorization as well.
Even if SSA’s
Numident records are out of date, two positive outcomes are possible if SSA verifies an
employee’s work authorization: (1) unauthorized workers are identified or (2) the
employee’s information is updated in SSA’s records.

Currently, non-citizens with outdated information in SSA’s systems are most likely
unaware that their information is being reported to DHS as part of SSA’s legal
requirement to share such data with DHS for worksite enforcement. Moreover, these
non-citizens will not be eligible for SSA benefits until their work authorization information
has been corrected.

In terms of workloads, even if work authorization notifications to employers lead to
additional workloads in the short-term, we believe this data-sharing will (1) improve the
accuracy and integrity of SSA records and (2) reduce the number of nonwork SSNs
shared with DHS in subsequent years, allowing DHS to better focus its resources.
In
addition, the earlier notifications could lessen field office workloads by reducing the
number of “SSA tentative non-confirmations” under EEVS and eliminating the need for
staff to verify the existence of a work-authorized SSN for non-citizens applying for SSA
benefits.


Appendices


Appendix A

Acronyms
 BSO           Business Service Online
 CY            Calendar Year
 DHS           Department of Homeland Security
 DoB           Date of Birth
 EEVS          Employment Eligibility Verification System
 EIF           Employer Identification File
 EIN           Employer Identification Number
 ERSC          Employer Reporting Service Center
 EVS           Employee Verification Service
 FO            Field Office
 FY            Fiscal Year
 IRS           Internal Revenue Service
 MEF           Master Earnings File
 OIG           Office of the Inspector General
 PII           Personally Identifiable Information
 PIN           Personal Identification Number
 POMS          Program Operations Manual System
 SSA           Social Security Administration
 SSN           Social Security Number
 SSNVS         Social Security Number Verification Service
 TY            Tax Year
 TSCOG         Teleservice Center Operating Guide
 USCIS         U.S. Citizenship and Immigration Service
 WBDOC         Wilkes-Barre Data Operations Center

 Forms
 Form I-9      Employment Eligibility Verification Form
 Form I-94     Arrival/Departure Record
 Form SS-5     Application for a Social Security Number
 Form W-2      Wage and Tax Statement
 “A” Number    Alien Registration Number
 I-94 Number   Arrival/Departure Number


Appendix B

Scope and Methodology
To accomplish our objective, we:

•     Reviewed pertinent sections of the Social Security Administration’s (SSA) policies
      and procedures as well as other relevant Federal laws and regulations.

•     Reviewed Office of the Inspector General, Government Accountability Office, and
      Department of Homeland Security (DHS) reports, and other relevant documents.

•     Established accounts with the Social Security Number Verification Service (SSNVS)
      and DHS’ Employment Eligibility Verification System (EEVS),[1] formerly known as the
      Basic Pilot.

•     For SSA’s Employee Verification Service (EVS) and SSNVS, we:
      - Obtained a current list of registered users;
      - Obtained user feedback data;
      - Obtained sample submission data;
      - Identified the number of registered employers using the service as of Calendar
        Years (CY) 2006; and
      - Identified the number of verifications submitted in CYs 2003 to 2006.

•     For DHS’ EEVS, we:
      - Obtained a current list of registered users;
      - Obtained user feedback data;
      - Obtained sample submission data;
      - Identified the number of registered employers using the service as of
        Fiscal
        Years (FY) 2006; and
      - Identified the number of verifications submitted in FYs 2003 to 2006.

•     Discussed the following with SSA and DHS staff:
      - controls in place under EVS, SSNVS and EEVS to ensure appropriate access to
        the verification programs;
      - controls in place under EVS, SSNVS and EEVS to ensure the appropriate
        feedback responses to users; and
      - controls in place under EVS, SSNVS, and EEVS to ensure users are not
        misusing programs.

Our review of internal controls was limited to obtaining an understanding of the
verification programs. We determined that the list of registered users, feedback data,
and submission data for the verification programs were generally reliable. The entities
audited were the Office of Earnings, Enumeration and Administrative Systems under the
Deputy Commissioner for Systems, the Office of Central Operations under the Deputy
Commissioner for Operations, and the Employer Wage Reporting and Relations Staff
under the Deputy Commissioner of Budget, Finance and Management. We conducted
the audit between November 2005 and April 2007 in Philadelphia, Pennsylvania. We
conducted our audit in accordance with generally accepted government auditing
standards.

[1] EEVS is also referred to as E-Verify.


Appendix C

Employee Verification Service
Social Security Number (SSN) verification is essential to ensuring that wage reports are
properly matched to the right SSN.
Since the 1980s, the Social Security Administration
(SSA) has worked to offer the employer community various methods to verify their
employees’ SSNs. One of the methods is the Employee Verification Service (EVS).
EVS offers several submission methods depending upon the number of employees
verified at a time.

EVS Telephone/Fax

Telephone: For up to five SSNs, employers can call SSA’s toll-free numbers to verify
SSNs. Employers can either call 1 of the 37 Teleservice Centers or the Employer
Reporting Service Center (ERSC).¹ Table C-1 below shows the criteria each
component uses to verify SSNs for employers.

Table C-1: Criteria for Verifying Social Security Numbers by Telephone

Requirements                                                      ERSC (Note 1)   Teleservice Centers (Note 2)
Verify user’s identity                                            No              No
Verify user’s authorization to use the program                    No              No
Verify up to five SSNs (name, date of birth and gender)           Yes             Yes
Verify the Employer Identification Number (EIN)                   Yes             Yes
Verify employer is not on "Do Not Verify" list (Note 3)           Yes             No
If data agrees, provide positive response                         Yes             Yes
If data disagrees, request employee visit a local field office    Yes             Yes
If record shows date of death, special indicator, or non-work
  status, request employee visit a field office                   No              Yes

Note 1: SSA Program Operations Manual (POMS), ER 00301.010
—Telephone Calls.
Note 2: SSA Teleservice Center Operating Guide (TSCOG), TC 31001.090 — Request to Verify SSN
or Work Authorization.
Note 3: The “Do Not Verify” list includes names of companies the ERSC determined had misused the
verification service.

Fax: For up to 50 names and SSNs, employers have the option to fax a paper listing to
a local field office or the ERSC.² Both components will indicate on the paper requests
whether submitted data matches SSA records or instruct the employer to have the
employee visit a local field office.

¹ Within SSA, the two components responsible for conducting the verifications by telephone are the
Teleservice Centers and the ERSC. Staff in the Teleservice Centers provide a full range of assistance to
beneficiaries and inquirers by telephone and/or by correspondence regarding all programs administered
by the SSA. Staff in the ERSC assists employers with wage reporting questions or problems. While we
are using the term Teleservice Centers in our review, SSA field offices also are responsible for
verifications and are expected to follow the same policy guidance.

² The ERSC only accepts up to five paper verification requests.

EVS for Registered Users

For more than 50 names and SSNs, employers may use EVS for Registered Users by
completing a registration form and Privacy Act Statement. As part of the registration
process, the employers must submit the company’s EIN, full address, name, and title of
contact person and approximate number of employees’ SSNs the employers wish to
verify. The employers have the option of submitting their verification requests by paper
or magnetic media (tape, cartridge, compact disk, or diskette).
However, SSA plans to
discontinue accepting verification requests submitted by magnetic media as of October
2007 and will only accept paper requests.³ As shown in Table C-2, for EVS for
Registered Users, employers are provided with several verification responses for the
data submitted.

Table C-2: EVS Verification Codes Provided to Users

EVS Code   Description of Code
“Blank”    Name and SSN match SSA's records.
1          SSN not in file (never issued to anyone).
2          Name and date of birth match; gender does not match.
3          Name and gender match; date of birth does not match.
4          Name matches; date of birth and gender do not match.
5          Name does not match; date of birth and gender not checked.
6          SSN Not Verified; Other Reason (Note 1)
Y          Death indicator
*          Input SSN did not verify; SSA located a different SSN.

Note 1: Starting in August 2007 SSA will provide employers with code 6, if an
individual’s Numident record includes a fraud indicator.

³ Starting in October 2007 SSA will no longer process magnetic media (i.e., tapes, cartridges, compact
disk, or diskettes) for SSN verification using EVS for Registered Users. Employers that prefer to submit
requests electronically will be required to use SSNVS. SSA will continue to accept paper requests under
EVS for Registered Users.
SSA’s Wilkes-Barre Data Operations Center (WBDOC) processes the paper
requests.

Appendix D

Social Security Number Verification Service

To increase the ease and convenience of verifying employee names and Social
Security Numbers (SSN), the Agency developed the Social Security Number
Verification Programs (SSNVS), a free on-line program. After a 2-year pilot, SSNVS
was expanded to all employers in June 2005. At the end of Calendar Year (CY) 2005,
the Social Security Administration (SSA) reported that SSNVS processed about
25 million verifications for over 12,000 employers. As illustrated in Figure D-1, the use
of the program increased in CY 2006 by almost doubling the total verifications
processed to 49 million.

[Figure D-1: SSNVS Verifications for CY 2003 to 2006. Bar chart of verifications in
millions by calendar year: 2003, 5; 2004, 10; 2005, 25; 2006, 49.]

To obtain access to SSNVS, employers and third parties must first register on-line at
SSA’s Business Service Online (BSO) website. Following registration, SSA will mail an
activation code,¹ which is a code needed to gain access to SSNVS, directly to the
company’s address shown in the Employer Identification File (EIF).
² Once the
registered users activate SSNVS using their Personal Identification Number (PIN)³ and
the activation code, they can start submitting verifications. Registered users can:

• Submit up to 10 employee names and SSNs (per screen) via the on-line SSNVS
  and receive immediate results; and

• Upload files containing up to 250,000 employee names and SSNs and usually
  receive verification results the next Government business day. This bulk
  procedure allows employers to verify an entire payroll database or verify at one
  time the names and SSNs of a large number of newly hired workers.

¹ The activation code is an alphanumeric code sent by SSA to the employer or registered PIN holder (if
self-employed) when access to certain programs is requested. This code must be entered on the
Activate Access to BSO Service web page to enable the user to access the requested service.

² The EIF is an Internal Revenue Service file that contains the Employer Identification Number (EIN) of a
business and the employer name and address associated with each EIN.

³ The PIN is a unique value issued by SSA to the applicant at registration, which must be entered to gain
access to SSNVS.

SSA will return a verification code to the employer for each employee whose information
does not match SSA’s record. In addition to the verification code, SSA provides a death
indicator if the employee’s Numident⁴ record includes a date of death. Table D-1
provides descriptions for the SSNVS verification codes.

Table D-1: SSNVS Verification Codes Provided to Users

SSNVS Code   Description of Code
“Blank”      Name and SSN match SSA's records.
1            SSN not in file (never issued to anyone)
2            Name and date of birth match; gender code does not match
3            Name and gender code match; date of birth does not match
4            Name matches; date of birth and gender code do not match
5            Name does not match; date of birth and gender code not checked
6            SSN Not Verified; Other Reason (Note 1)
Y            Death indicator

Note 1: Starting in August 2007 SSA will provide employers with code 6, if an individual’s
Numident record includes a fraud indicator.

⁴ The Numident is a record of identifying information (such as name, date of birth, date of death, mother’s
maiden name, etc.) provided by the applicant on his or her Application for a Social Security Number
(Form SS-5) for an original SSN and subsequent applications for replacement SSN cards. Each record is
housed in the Numident Master File in SSN order.

Appendix E

Employment Eligibility Verification System

The Employment Eligibility Verification System (EEVS),¹ formerly known as the Basic
Pilot, is an ongoing joint initiative between the Social Security Administration (SSA) and
the Department of Homeland Security (DHS).
² The purpose of the EEVS is to assist
employers in verifying the employment eligibility of newly hired employees. The
President signed The Basic Pilot Program Extension and Expansion Act of 2003 (Public
Law Number 108-156) into law on December 3, 2003. This law extended the operation
of the EEVS for an additional 5 years (to a total of 11 years) and expanded the
operation to all 50 States not later than December 1, 2004. Although EEVS has only
been expanded for a short period, we found that the number of verifications has
significantly increased during this period (see Figure E-1).

[Figure E-1: EEVS Verifications for FY 2003 to 2006. Bar chart of verifications by
fiscal year: 2003, 612,722; 2004, 756,947; 2005, 980,991; 2006, 1,743,654.]

The EEVS program uses the information in Government databases (SSA databases
and, if needed, DHS databases) to determine the employment eligibility of new hires.
The Social Security number (SSN) and Alien Registration Number (“A” Number)³ or I-94
Number (Admission Number)⁴ are used for these checks. The employer must complete
the DHS-issued Employment Eligibility Verification Form (Form I-9) for each employee
and then enter elements of this data into the EEVS within 3 days of hiring, including the
employee’s SSN, name, date of birth (DoB), and whether the new-hire indicated he or
she was a U.S. citizen and, if not, the “A” Number or I-94 Number.

¹ EEVS is also referred to as E-Verify.

² Section 401 of The Illegal Immigration Reform and Immigrant Responsibility Act of 1996
(8 U.S.C. § 1324a), Pub. Law No. 104-208.

³ The “A” number is the 9-digit number following “A” which is shown on the “green card” or Permanent
Resident Card (formerly the I-551 Alien Registration Receipt Card), the Employment Authorization
Document (I-766 and I-688B), and on certain other immigration documents and notices. For newly
admitted immigrants, the “A” number is shown on the machine-readable immigrant visa affixed to the
foreign passport.

The system first checks the information entered against SSA’s database to verify the
name, SSN, and DoB of newly hired employees, regardless of citizenship. When the
Numident shows the U.S. as the place of birth for the newly hired employee or a code
indicating the number holder is a U.S. citizen and the new hire indicated that he/she is a
U.S. citizen, the EEVS automated system confirms employment eligibility. If the EEVS
system cannot confirm employment eligibility based on the information in SSA’s
database or an “A” Number or I-94 Number was entered, the EEVS system checks the
data against DHS’ database.

The employer will receive notification of "SSA tentative non-confirmation" of
employment eligibility when the SSN, name, or DoB does not match the information in
SSA’s database or if a death indicator is present.
In addition, employers will receive an
"SSA tentative non-confirmation" if the new-hire indicated he or she was a U.S. citizen
and SSA’s records did not show that the person was a U.S. citizen. The employer will
receive notification of "DHS tentative non-confirmation" of employment eligibility when
DHS’ database does not show the new-hire as authorized for employment. In these
cases, the employer asks the employee whether he or she wishes to contest the
tentative non-confirmation. If contested, the employee must contact SSA or DHS within
8 Government working days of the notification. After the employee contacts SSA or
DHS to correct the record, the employer resubmits the query through the EEVS system.
If the system does not confirm employment eligibility after the employer resubmits the
query, the employer may terminate the new-hire.

⁴ The I-94 Number is the 11-digit number located on the Arrival-Departure Record (Form I-94). The
Form I-94 shows the date the individual arrived in the United States, the “Admitted Until” date, and the
date when his or her authorized period of stay expires.

Appendix F

Agency Comments

SOCIAL SECURITY

MEMORANDUM

Date:       August 22, 2007                                            Refer To:   S1J-3

To:         Patrick P. O'Carroll, Jr.
            Inspector General

From:       Larry W. Dye      /s/

Subject:    Office of the Inspector General (OIG) Draft Report, “Controls Over Employee Verification
            Programs” (A-03-06-15036)--INFORMATION

We appreciate OIG’s efforts in conducting this review.
Our comments on the recommendations
are attached.

Please let me know if we can be of further assistance. Staff inquiries may be directed to
Ms. Candace Skurnik, Director, Audit Management and Liaison Staff, on (410) 965-4636.

Attachment

COMMENTS ON THE OFFICE OF THE INSPECTOR GENERAL’S (OIG) DRAFT
REPORT, “CONTROLS OVER EMPLOYEE VERIFICATION PROGRAMS”
(A-03-06-15036)

Thank you for the opportunity to review and provide comments on this draft report. Our
comments on the draft recommendations are as follows.

Recommendation 1

Consider combining the Employee Verification Service (EVS) Telephone/Fax and EVS for
Registered Users under Social Security Number Verification Service (SSNVS) to ensure access
and monitoring controls are in place to protect the program, safeguard data, prevent unauthorized
access, and provide consistent information to employers.

Comment

We agree. SSNVS uses the Integrated Registration for Employer Services (IRES) system for
registering employees of businesses who are authorized by their employers to verify names and
Social Security numbers (SSN) for wage reporting purposes. The report found that IRES
contained the appropriate safeguards and security for accessing personal information. The
Agency currently has a parallel automated telephone verification service in development. The
Telephone National 800 # Employer Verification (TNEV) is an Agency approved project that is
scheduled to be implemented in May 2008. TNEV will use IRES to register employees who will
complete the name/SSN verifications.
Utilizing IRES will ensure that the same level of security
and authentication exists as in SSNVS.

In conjunction with the development of TNEV, it is currently being evaluated as to whether the
Agency should limit name and SSN verifications to the SSNVS and TNEV processes. This
course of action would no longer provide live agents for telephone verifications of names and
SSNs in either the Office of Earnings Operations (OEO) or the national 800 number. Therefore,
employers requesting to verify more than 10 names and SSNs by TNEV would be directed to
utilize SSNVS via the proper website address. SSNVS has the ability to verify up to 250,000
names and SSNs overnight or up to 10 names and SSNs online. If this process is adopted, TNEV
and SSNVS would offer consistency in the responses provided to the employers and provide a
secure registration process for all users.

If the Agency decides not to move forward with limiting name and SSN verifications to the
SSNVS and TNEV processes, we will reevaluate other avenues to implement this audit
recommendation in the future.

Recommendation 2

Ensure feedback responses provided to employers for the four verification programs are
consistent as it relates to: a) name and SSN matches; and b) death indicator responses.

Comment

We agree. See our response to recommendation 1. Current disclosure policy allows for the same
data to be shared with employers via any SSN verification process. The routine use established
for the applicable Privacy Act system of records, the SSN Master File (i.e., Numident records),
allows information from that system to be disclosed to employers consistent with their wage
reporting responsibilities.
It should be noted that feedback response differences between the
Employment Eligibility Verification System (EEVS) and the various SSN verification processes
were established for different purposes; therefore, it may be appropriate to maintain different
matching protocols. EEVS was designed to verify work eligibility status (determined by
citizenship status) and is driven by Department of Homeland Security (DHS) needs. The other
programs verify only the SSN, name and date of birth match (and also check for death
information) for the purpose of wage reporting; citizenship status is not checked. We do note,
however, that a future release of SSNVS (August 2007) will return successful and unsuccessful
matches to the user. This brings the functionality of EVS and SSNVS in line with each other.

Lastly, the implementation of this recommendation could be affected by the outcomes for several
pending developments concerning the EEVS program, as several States are enacting legislation
requiring employers to use EEVS. It should be noted that although comprehensive immigration
reform legislation did not pass, there are other pending legislative proposals mandating the use of
EEVS. If the legislation is passed, or EEVS is otherwise implemented on a mandatory basis, the
need for other SSN verification programs for employers may diminish, as all employers will be
required to use EEVS for new hires.

Recommendation 3

Implement procedures to verify identity and authority for individuals to use EVS Telephone/Fax
and EVS for Registered Users to ensure proper disclosure of verification data.

Comment

We agree. With the implementation of recommendations 1 and 2, this recommendation will be
unnecessary.
However, if recommendations 1 and 2 are not implemented, we will reevaluate
other avenues to implement this audit recommendation in the future.

Recommendation 4

Discontinue the disclosure of corrected SSNs via the paper process under EVS for Registered
Users.

Comment

We agree. With the implementation of recommendations 1 and 2, this recommendation will be
unnecessary. However, if recommendations 1 and 2 are not implemented, we will reevaluate
other avenues to implement this audit recommendation in the future.

Recommendation 5

Consider modifying all SSA verification programs to detect SSNs for individuals in non-work
status, provide employers with notification, and instruct employers to have their employees visit
a field office to update the employee’s record.

Comment

We disagree. Work authorization is DHS’ responsibility and should be handled through the
DHS EEVS process. Even though current disclosure policy would allow this type of information
to be provided to the employer based on their wage reporting responsibilities, SSA’s Numident
work authorization information may no longer be current. A number holder (NH) could have
acquired work authorization status after the non-work SSN card was issued. SSA verifies with
DHS all immigration documents presented in support of the SSN application at the time the
application is taken. The Numident then serves as a “snap shot in time” as it records the
individual’s work authorization status at the time the SSN card was issued. The Numident is not
intended, and does not act, as a repository of work authorization status. Only DHS can
determine current work authorization for a noncitizen.
Even though DHS has jurisdiction over
work authorization determinations, we have concerns that prior OIG audits have identified that
DHS was unable to locate the immigration and work authorization status of cases selected for
review. Therefore, the Agency would have to expend resources to work with NHs to correct
information, even though it was accurate when the application for an SSN was completed.
Confusion over this point would require a strong outreach effort to employers to prevent
unintentional dismissal of employees. Such a process may also be very work-intensive, and
require a significant investment of operational resources.

Recommendation 6

Establish monitoring controls for the EVS Telephone/Fax and EVS for Registered Users that is
consistent with the SSNVS to detect potential misuse of the verification programs.

Comment

We agree. With the implementation of recommendations 1 and 2, this recommendation will be
unnecessary. However, if recommendations 1 and 2 are not implemented, we will reevaluate
other avenues to implement this audit recommendation in the future.

Recommendation 7

Develop procedures to block unauthorized users from gaining access to SSA’s verification
programs. Ensure that unauthorized user information is shared among the verification programs
to prevent further access to SSA data.

Comment

We agree. With the implementation of recommendations 1 and 2, this recommendation will be
unnecessary. However, if recommendations 1 and 2 are not implemented, we will reevaluate
other avenues to implement this audit recommendation in the future.

Recommendation 8

Establish a protocol to remove inactive users from the list of valid users for EVS for Registered
Users until their identity and authorization to use the verification program has been verified and
updated.

Comment

We agree.
With the implementation of recommendations 1 and 2, this recommendation will be
unnecessary. However, if recommendations 1 and 2 are not implemented, we will reevaluate
other avenues to implement this audit recommendation in the future.

Appendix G

OIG Contacts and Staff Acknowledgments

OIG Contacts

    Walter E. Bayer, Director, Philadelphia Audit Division, (215) 597-4066

    Cylinda McCloud-Keal, Audit Manager, Philadelphia Audit Office, (215) 597-0572

Acknowledgments

In addition to those named above:

    Virginia Harada, Auditor-in-Charge

For additional copies of this report, please visit our web site at
www.socialsecurity.gov/oig or contact the Office of the Inspector General’s Public
Affairs Specialist at (410) 965-3218. Refer to Common Identification Number
A-03-06-15036.

DISTRIBUTION SCHEDULE

Commissioner of Social Security
Office of Management and Budget, Income Maintenance Branch
Chairman and Ranking Member, Committee on Ways and Means
Chief of Staff, Committee on Ways and Means
Chairman and Ranking Minority Member, Subcommittee on Social Security
Majority and Minority Staff Director, Subcommittee on Social Security
Chairman and Ranking Minority Member, Subcommittee on Human Resources
Chairman and Ranking Minority Member, Committee on Budget, House of
Representatives
Chairman and Ranking Minority Member, Committee on Government Reform and
Oversight
Chairman and Ranking Minority Member, Committee on Governmental Affairs
Chairman and Ranking Minority Member, Committee on Appropriations, House of
Representatives
Chairman and Ranking Minority, Subcommittee on Labor, Health and Human Services,
Education and Related
Agencies, Committee on Appropriations,
House of Representatives
Chairman and Ranking Minority Member, Committee on Appropriations, U.S. Senate
Chairman and Ranking Minority Member, Subcommittee on Labor, Health and Human
Services, Education and Related Agencies, Committee on Appropriations, U.S. Senate
Chairman and Ranking Minority Member, Committee on Finance
Chairman and Ranking Minority Member, Subcommittee on Social Security and Family
Policy
Chairman and Ranking Minority Member, Senate Special Committee on Aging
Social Security Advisory Board

Overview of the Office of the Inspector General

The Office of the Inspector General (OIG) is comprised of our Office of Investigations (OI),
Office of Audit (OA), Office of the Chief Counsel to the Inspector General (OCCIG), and Office
of Resource Management (ORM). To ensure compliance with policies and procedures, internal
controls, and professional standards, we also have a comprehensive Professional Responsibility
and Quality Assurance program.

Office of Audit

OA conducts and/or supervises financial and performance audits of the Social Security
Administration’s (SSA) programs and operations and makes recommendations to ensure
program objectives are achieved effectively and efficiently. Financial audits assess whether
SSA’s financial statements fairly present SSA’s financial position, results of operations, and cash
flow. Performance audits review the economy, efficiency, and effectiveness of SSA’s programs
and operations. OA also conducts short-term management and program evaluations and projects
on issues of concern to SSA, Congress, and the general public.

Office of Investigations

OI conducts and coordinates investigative activity related to fraud, waste, abuse, and
mismanagement in SSA programs and operations.
This includes wrongdoing by applicants,
beneficiaries, contractors, third parties, or SSA employees performing their official duties. This
office serves as OIG liaison to the Department of Justice on all matters relating to the
investigations of SSA programs and personnel. OI also conducts joint investigations with other
Federal, State, and local law enforcement agencies.

Office of the Chief Counsel to the Inspector General

OCCIG provides independent legal advice and counsel to the IG on various matters, including
statutes, regulations, legislation, and policy directives. OCCIG also advises the IG on
investigative procedures and techniques, as well as on legal implications and conclusions to be
drawn from audit and investigative material. Finally, OCCIG administers the Civil Monetary
Penalty program.

Office of Resource Management

ORM supports OIG by providing information resource management and systems security. ORM
also coordinates OIG’s budget, procurement, telecommunications, facilities, and human
resources. In addition, ORM is the focal point for OIG’s strategic planning function and the
development and implementation of performance measures required by the Government
Performance and Results Act of 1993.
'